]>
git.proxmox.com Git - pve-access-control.git/log
Dietmar Maurer [Mon, 27 Jul 2015 11:14:54 +0000 (13:14 +0200)]
bump version to 4.0-6
Wolfgang Bumiller [Wed, 15 Jul 2015 08:25:42 +0000 (10:25 +0200)]
improve parse_user_config, parse_shadow_config
same as in pve-common: replace substituting line parsing
with /gm modified match regexps.
Dietmar Maurer [Wed, 10 Jun 2015 08:40:28 +0000 (10:40 +0200)]
bump version to 4.0-5
Wolfgang Bumiller [Wed, 10 Jun 2015 07:20:00 +0000 (09:20 +0200)]
pveum: check for $cmd being defined
fixes an 'undefined value' error when no command is
specified.
Dietmar Maurer [Mon, 1 Jun 2015 10:25:48 +0000 (12:25 +0200)]
bump version to 4.0-4
Dietmar Maurer [Mon, 1 Jun 2015 08:03:48 +0000 (10:03 +0200)]
use activate-noawait triggers
Dietmar Maurer [Wed, 27 May 2015 09:16:01 +0000 (11:16 +0200)]
bump version to 4.0-3
Wolfgang Bumiller [Wed, 27 May 2015 07:30:55 +0000 (09:30 +0200)]
remote_viewer_config: brackets around ipv6 http address
Wolfgang Bumiller [Wed, 27 May 2015 07:30:54 +0000 (09:30 +0200)]
non-root buildfix
Dietmar Maurer [Tue, 5 May 2015 13:06:53 +0000 (15:06 +0200)]
bump version to 4.0-2
Dietmar Maurer [Tue, 5 May 2015 13:06:06 +0000 (15:06 +0200)]
trigger pve-api-updates event
Dietmar Maurer [Thu, 26 Feb 2015 10:31:54 +0000 (11:31 +0100)]
bump version for Debian Jessie
Dietmar Maurer [Fri, 30 Jan 2015 05:20:42 +0000 (06:20 +0100)]
bump version to 3.0-16
Wolfgang Link [Wed, 28 Jan 2015 09:36:49 +0000 (10:36 +0100)]
Fix: disable root
root can now be disabled in GUI.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Dietmar Maurer [Wed, 23 Jul 2014 05:02:37 +0000 (07:02 +0200)]
remove debugging code
Dietmar Maurer [Wed, 23 Jul 2014 05:01:04 +0000 (07:01 +0200)]
bump version to 3.0-15
Dietmar Maurer [Wed, 23 Jul 2014 04:59:01 +0000 (06:59 +0200)]
add step/digits option to oath configuration
Dietmar Maurer [Fri, 18 Jul 2014 09:24:55 +0000 (11:24 +0200)]
allow to write builtin auth domains
So that we can set tfa, comment, default with the GUI.
Dietmar Maurer [Thu, 17 Jul 2014 11:59:53 +0000 (13:59 +0200)]
add oath two factor auth, bump version to 3.0-14
Dietmar Maurer [Tue, 15 Jul 2014 12:18:17 +0000 (14:18 +0200)]
enable yubico OTP (by removing debuging code)
Dietmar Maurer [Mon, 23 Jun 2014 09:42:44 +0000 (11:42 +0200)]
add basic support for two factor auth
Dietmar Maurer [Fri, 20 Jun 2014 10:58:17 +0000 (12:58 +0200)]
add experimental code for yubico OTP verification
Dietmar Maurer [Thu, 22 May 2014 05:16:36 +0000 (07:16 +0200)]
bump version to 3.0-13
Dietmar Maurer [Thu, 22 May 2014 05:12:25 +0000 (07:12 +0200)]
use correct connection string for AD auth (use encryption and port info).
Dietmar Maurer [Wed, 30 Apr 2014 12:48:27 +0000 (14:48 +0200)]
bump version to 3.0-12
Dietmar Maurer [Wed, 30 Apr 2014 12:45:57 +0000 (14:45 +0200)]
add dummy API for login page
Dietmar Maurer [Fri, 31 Jan 2014 09:26:17 +0000 (10:26 +0100)]
bump version tp 3.0-11
Dietmar Maurer [Wed, 22 Jan 2014 06:25:09 +0000 (07:25 +0100)]
cleanup previous patch
Lindsay Mathieson [Thu, 16 Jan 2014 13:14:01 +0000 (23:14 +1000)]
Sets common hot keys for spice client
* "Ctl-Alt-Insert" for secure-attention (Ctrl-Alt-del)
* "Shift-F11" for Full Screen toggle
* "Ctrl-Alt-R" for cursor release
Signed-off-by: Lindsay Mathieson <lindsay.mathieson@gmail.com>
Dietmar Maurer [Tue, 10 Dec 2013 09:45:25 +0000 (10:45 +0100)]
bump version to 3.0-10
Dietmar Maurer [Tue, 10 Dec 2013 09:38:42 +0000 (10:38 +0100)]
implement helper to generate SPICE remote-viewer configuration
Moved read_x509_subject_spice() from PVE::QemuServer.
Depend on libnet-ssleay-perl.
Dietmar Maurer [Tue, 26 Nov 2013 06:50:20 +0000 (07:50 +0100)]
allow dots in access paths
Because storage IDs may contain dots.
Dietmar Maurer [Mon, 18 Nov 2013 10:23:50 +0000 (11:23 +0100)]
return correct 401 status code for unauthorized calls
New HTTP::Server will delay the call by 3 seconds.
Dietmar Maurer [Mon, 18 Nov 2013 08:07:01 +0000 (09:07 +0100)]
bump version to 3.0-9
Dietmar Maurer [Mon, 18 Nov 2013 08:05:04 +0000 (09:05 +0100)]
prevent user enumeration attacks
Dietmar Maurer [Mon, 28 Oct 2013 07:12:29 +0000 (08:12 +0100)]
bump version to 3.0-8
Dietmar Maurer [Mon, 28 Oct 2013 07:10:48 +0000 (08:10 +0100)]
spice: use lowercase hostname in ticktet signature
Dietmar Maurer [Tue, 1 Oct 2013 11:03:43 +0000 (13:03 +0200)]
use warnings instead of global -w flag
Dietmar Maurer [Tue, 1 Oct 2013 10:36:02 +0000 (12:36 +0200)]
bump version to 3.0-7
Dietmar Maurer [Tue, 1 Oct 2013 10:09:51 +0000 (12:09 +0200)]
remove path related code from check_volume_access()
Alexandre Derumier [Wed, 25 Sep 2013 08:27:43 +0000 (10:27 +0200)]
check_volume_access : use parse_volname instead path
to avoid extra calls for some storageplugins (zfs,nexenta).
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Mon, 2 Sep 2013 08:32:39 +0000 (10:32 +0200)]
add reference to git version
Dietmar Maurer [Fri, 19 Jul 2013 10:39:26 +0000 (12:39 +0200)]
bump version to 3.0-6
Dietmar Maurer [Fri, 19 Jul 2013 10:35:23 +0000 (12:35 +0200)]
produce shorter spiceproxy tickets
By using a simple Digest with private secret /etc/pve/pve-www.key. This is
less secure than pub key auth, but good enough for the proxy.
Dietmar Maurer [Wed, 26 Jun 2013 11:08:58 +0000 (13:08 +0200)]
bump version to 3.0-5
Dietmar Maurer [Wed, 26 Jun 2013 11:07:00 +0000 (13:07 +0200)]
new ticket code for spice
Dietmar Maurer [Tue, 25 Jun 2013 10:03:48 +0000 (12:03 +0200)]
assemble_spice_ticket: do not use base32 encoding
Alexandre Derumier [Tue, 25 Jun 2013 07:12:52 +0000 (09:12 +0200)]
assemble_spice_ticket
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Tue, 14 May 2013 09:57:13 +0000 (11:57 +0200)]
bump version to 3.0-4
Dietmar Maurer [Tue, 14 May 2013 09:55:26 +0000 (11:55 +0200)]
moved add_vm_to_pool/remove_vm_from_pool from qemu-server
Because we can also use this for openvz containers
Dietmar Maurer [Thu, 2 May 2013 09:44:52 +0000 (11:44 +0200)]
rename VM.Copy to VM.Clone
Dietmar Maurer [Mon, 29 Apr 2013 09:42:25 +0000 (11:42 +0200)]
bump version to 3.0-3
Dietmar Maurer [Mon, 29 Apr 2013 09:40:32 +0000 (11:40 +0200)]
add VM.Copy priviledge
And a new role called PVETemplateUser
Dietmar Maurer [Mon, 15 Apr 2013 10:34:41 +0000 (12:34 +0200)]
remove CGI.pm related code
New pveproxy does not need that.
Dietmar Maurer [Fri, 15 Mar 2013 07:07:17 +0000 (08:07 +0100)]
bump version to 3.0-1 for wheezy release
Dietmar Maurer [Thu, 28 Feb 2013 09:01:04 +0000 (10:01 +0100)]
fix access permissions for backup files
bump version to 1.0-26
Dietmar Maurer [Mon, 24 Sep 2012 10:00:15 +0000 (12:00 +0200)]
bump RELEASE to 2.2
Dietmar Maurer [Mon, 10 Sep 2012 07:24:19 +0000 (09:24 +0200)]
add VM.Snapshot permission
Dietmar Maurer [Wed, 6 Jun 2012 11:06:51 +0000 (13:06 +0200)]
untaint path
Dietmar Maurer [Wed, 30 May 2012 06:47:43 +0000 (08:47 +0200)]
correctly compute GUI capabilities (consider pools)
Dietmar Maurer [Wed, 16 May 2012 05:22:25 +0000 (07:22 +0200)]
new plugin architecture for Auth modules
Dietmar Maurer [Tue, 24 Apr 2012 08:10:35 +0000 (10:10 +0200)]
do not allow user names including slash
Dietmar Maurer [Tue, 24 Apr 2012 08:10:12 +0000 (10:10 +0200)]
add ability to fork cli workers in background
Dietmar Maurer [Tue, 17 Apr 2012 08:26:48 +0000 (10:26 +0200)]
return set of privileges on login - can be used to adopt GUI
Dietmar Maurer [Wed, 11 Apr 2012 08:21:15 +0000 (10:21 +0200)]
fix bug #151: corretly parse username inside ticket
Dietmar Maurer [Wed, 11 Apr 2012 07:40:42 +0000 (09:40 +0200)]
allow users to change his own password
Dietmar Maurer [Thu, 1 Mar 2012 11:40:52 +0000 (12:40 +0100)]
better error message for useradd
Dietmar Maurer [Thu, 1 Mar 2012 11:38:46 +0000 (12:38 +0100)]
set propagate flag by default
Dietmar Maurer [Thu, 23 Feb 2012 11:06:06 +0000 (12:06 +0100)]
dd 'pveum passwd' method
Dietmar Maurer [Wed, 22 Feb 2012 10:45:55 +0000 (11:45 +0100)]
Add VM.Config.CDROM privilege to PVEVMUser rule
Dietmar Maurer [Wed, 22 Feb 2012 09:53:08 +0000 (10:53 +0100)]
fix buf in userid-param permission check
Dietmar Maurer [Wed, 22 Feb 2012 05:17:27 +0000 (06:17 +0100)]
allow more characters in ldap base_dn attribute
Dietmar Maurer [Mon, 20 Feb 2012 07:54:40 +0000 (08:54 +0100)]
allow more characters with realm IDs
Dietmar Maurer [Wed, 15 Feb 2012 06:06:58 +0000 (07:06 +0100)]
use full name for verify_user
Dietmar Maurer [Tue, 14 Feb 2012 11:08:36 +0000 (12:08 +0100)]
changed 'pveum aclmod' command line arguments
We cant use multiple arguments with '-list' types. JSONSchema::get_options is unable to handle that.
Dietmar Maurer [Tue, 14 Feb 2012 10:57:41 +0000 (11:57 +0100)]
fix acl group name parser
Dietmar Maurer [Mon, 13 Feb 2012 08:58:37 +0000 (09:58 +0100)]
fix bug in check_volume_access (fixes vzrestore)
Dietmar Maurer [Fri, 10 Feb 2012 10:25:23 +0000 (11:25 +0100)]
fix return value for empty ACL list
Dietmar Maurer [Thu, 9 Feb 2012 10:26:37 +0000 (11:26 +0100)]
do not allow to change system user passwords
Dietmar Maurer [Thu, 9 Feb 2012 10:15:59 +0000 (11:15 +0100)]
fix syntax
Dietmar Maurer [Mon, 6 Feb 2012 11:34:24 +0000 (12:34 +0100)]
moved check_volume_access from qemu-server
Dietmar Maurer [Mon, 6 Feb 2012 11:04:21 +0000 (12:04 +0100)]
remove buggy check_storage_perm
Storage permissions are automatically inherited from pool, so this method is more or less useless.
Dietmar Maurer [Mon, 6 Feb 2012 09:41:48 +0000 (10:41 +0100)]
new privilege VM.Backup
Dietmar Maurer [Mon, 6 Feb 2012 09:05:18 +0000 (10:05 +0100)]
new privilege Datastore.AllocateTemplate
Dietmar Maurer [Wed, 1 Feb 2012 12:26:21 +0000 (13:26 +0100)]
add more privileges, improve docs
Dietmar Maurer [Wed, 1 Feb 2012 09:06:22 +0000 (10:06 +0100)]
new helper functions
Dietmar Maurer [Wed, 1 Feb 2012 06:49:07 +0000 (07:49 +0100)]
new test option 'require_param' - code cleanup
Dietmar Maurer [Tue, 31 Jan 2012 07:23:33 +0000 (08:23 +0100)]
add special test for pool
Dietmar Maurer [Tue, 31 Jan 2012 06:37:38 +0000 (07:37 +0100)]
add Pool.Allocate priviledge
Dietmar Maurer [Fri, 27 Jan 2012 07:44:22 +0000 (08:44 +0100)]
moved Pool.pm to pve-manager package
Dietmar Maurer [Fri, 27 Jan 2012 07:32:41 +0000 (08:32 +0100)]
cleanup permission checks
Added new Real.AllocateUser priviledge
Dietmar Maurer [Thu, 26 Jan 2012 13:02:25 +0000 (14:02 +0100)]
code cleanup
Dietmar Maurer [Thu, 26 Jan 2012 12:46:31 +0000 (13:46 +0100)]
fix return format
Dietmar Maurer [Thu, 26 Jan 2012 12:35:33 +0000 (13:35 +0100)]
code cleanup
Dietmar Maurer [Thu, 26 Jan 2012 12:02:07 +0000 (13:02 +0100)]
return array instead of hash
Dietmar Maurer [Thu, 26 Jan 2012 11:42:01 +0000 (12:42 +0100)]
add pool API
Dietmar Maurer [Thu, 26 Jan 2012 08:54:56 +0000 (09:54 +0100)]
remove debug message
Dietmar Maurer [Thu, 26 Jan 2012 08:39:02 +0000 (09:39 +0100)]
only add Permissions.Modify to SysAdmin role
Dietmar Maurer [Thu, 26 Jan 2012 07:31:27 +0000 (08:31 +0100)]
add description
Dietmar Maurer [Thu, 26 Jan 2012 07:26:31 +0000 (08:26 +0100)]
use User.Allocate instead of User.Add/User.Delete
projects / pve-access-control.git / log